Novell builds open-source CardSpace

Novell is developing an open source version of Microsoft's InfoCard identity technology that will run on both Linux and Mac.

By
John Fontana, Network World
| Mar 27, 2007

| IDG News Service

Share

TwitterFacebookLinkedInGoogle Plus

Novell is developing an open source version of Microsoft's InfoCard identity technology that will run on both Linux and Mac.

The Novell software's source code is already available. It provides users with a "digital wallet" that holds any number of separate identity cards that can be used to authenticate to web sites or network resources, such as applications or databases, or to complete transactions online.

Novell tapped into Microsoft's InfoCard technology to develop what it is calling an InfoCard Selector, a graphical user interface that lets users select cards from their digital wallet.

Novell began work on the selector last September, long before its highly publicised partnership with Microsoft in November, but the work aligns nicely with the partnership's focus on interoperability

To support the InfoCard Selector, Novell used technology on the back end from its Bandit project, a sort of standard bus that identity-enabled applications can plug into, and the Higgins project, a framework designed to integrate identity, profile and relationship data from across multiple systems.

Novell plans to turn Selector into a licensed product, but has no timetable for doing so, according to company officials.

Related

The promise of the technology is that users will have a standard and secure way to control their identity information and determine with whom to share it.

"The big picture here is the availability of a viable cross-platform identity selector," says Dale Olds, a distinguished engineer with Novell. "For the first time we have a functionally equivalent system to Microsoft's CardSpace that runs on Linux and Mac."

CardSpace, which shipped with Windows Vista, is Microsoft's implementation of InfoCard.

Novell's work is further validation of user-centric identity technologies such as Microsoft's InfoCard and OpenID, which is a simple authentication protocol.

At the RSA Conference in February, Microsoft pledged to integrate OpenID with CardSpace.
Novell's work comes with the blessing of Microsoft, which has been pushing for industry-wide acceptance of InfoCard.

The biggest step came in September last year when Microsoft quietly released its Open Specification Promise (OPS), which gives developers access, without need for licenses or fear of legal action, to many of the web services protocols Microsoft has developed over the past years.

OPS includes the current versions of protocols in the WS-* security stack, which form the foundation of InfoCard and its Identity Metasystem digital identity architecture.

Novell used the protocols within OPS to develop its open source InfoCard Selector.

While Novell's selector matches the features of CardSpace, Novell's technology can support multiple identity card stores, whereas the Microsoft technology will support only one.

During a demo of the software at last week's Brainshare conference, Novell used a general user identity card running on a Mac to access a web site, browse items and store them in a shopping cart. The user signed off and then logged onto a separate Linux desktop, accessed the same web site, and completed the transaction by using the Linux-based InfoCard Selector to pick an identity card from the card store on the user's cell phone, which communicated with the Linux desktop using Bluetooth.

The demo can be accessed here. (fast-forward to the 40-minute mark to see the demo.)

While identity cards are encrypted in the card store on devices or desktops, the beauty of the InfoCard technology is its security. Identity data - which in the Novell transaction demo is a credit card number - is held by a third party called an identity provider. The third party - in the Novell example it was American Express - validates that the user has the funds to complete the transaction and sends that validation via secure token to the web site, called the requesting party, which never receives the user's actual credit card number.

Users can have multiple cards with various levels of data that can range from just a simple name and password to more personal and sensitive data.

Novell's software is not the first cross-platform implementation of InfoCard, but it is the first that runs natively on the host operating system and that will eventually be packaged and sold.

Developer Chuck Mortimer has created a Java-based identity card selector that runs in a browser, and developer Kevin Miller has created an extension for Firefox to support CardSpace.